The Australian Communications and Media Authority (ACMA) has issued Telstra a direction to comply with the privacy clause in the Telecommunications Consumer Protection (TCP) code, following a 2011 privacy breach that left the details of 734,000 broadband customers vulnerable.

Telstra's internal tool, prior to it being taken down.(Screenshot by Michael Lee/ZDNet Australia)

In December last year, Telstra inadvertently exposed customer information online after one of its internal tools was indexed by Google and made public. The tool was designed for Telstra employees to search customer records, but anyone with access to the tool could access information about a Telstra customer's Bundle orders, including their plan, billing account numbers, first and last names, driver's licence number, username and password, as well as notes about their account.

Today, ACMA issued Telstra with the direction to comply with the privacy clause in the TCP code. Although the company has escaped a fine this time, if Telstra is found to breach this clause again, ACMA has the power to take Telstra to court and seek to fine the company for it.

ACMA Chairman Chris Chapman that other telcos can expect a similar direction if they breach the code.

"Put simply, if a provider breaches the code, you can expect us to direct it to comply," he said in a statement. "Given Telstra has pro-actively taken steps to remedy its processes, with a view to preventing such an incident from happening again, a direction with respect to the specific code provision is the appropriate measure."